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1 This action is in response to the communication filed on 12/26/2007. 

2 DETAILED ACTION 

3 Response to Arguments 

4 Applicant's arguments filed 12/26/2007 have been fully considered and are not found 

5 persuasive. 

6 Applicant's argues that cited prior art does not render obvious the claim limitation that 



7 the second ticket is disabled from use and is enabled upon validation of the first ticket. The 

8 examiner disagrees. It is the service ticket transmitted from the TTP to Server A that reads on 

9 the claimed second ticket. This ticket is not "enabled for use" by Server A until it is supplied to 

10 Server A. In other words, how can server A use this server ticket if it has not been supplied to 

1 1 server A. As such, the examiner does not find the argument persuasive. 



12 Claims 1-66, and 68 have been examined. 

13 All objections and rejections not set forth below have been withdrawn. 

1 4 Claim Rejections - 35 USC §103 

15 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

16 obviousness rejections set forth in this Office action: 

17 (a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 

1 8 section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 

1 9 such that the subject matter as a whole would have been obvious at the time the invention was made to a person 

20 having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 

2 1 manner in which the invention was made. 

22 

23 Claims 1-6, 10-19, 21, 23-28, 32-42, 44-52, 56-64, 66, and 68 rejected under 35 U.S.C. 

24 103(a) as being unpatentable over Brezak et al. (US Patent Application Publication 

25 2003/00 18913) hereinafter referred to as Brezak, as evidenced by Ganesan (US Patent Number 

26 5,557,678). 



Application/Control Number: 10/083,324 Page 3 

Art Unit: 2131 

1 Regarding claim 1 , Brezak disclosed a method of authenticating a client to a content 

2 server (See Brezak Abstract and Fig. 2) comprising the steps of: generating, by a ticket authority 

3 (See Brezak Fig. 2 Element 206), a first ticket (TGT) and a second ticket (Service Ticket) 

4 wherein said second ticket is disabled from use (See Brezak Paragraphs 0042-0043 and 0045); 

5 transmitting, by said ticket authority, said first ticket to said client (See Brezak Paragraph 0042- 

6 0043); validating, by said ticket authority, said first ticket (See Brezak Paragraphs 0043 and 

7 0045-0048); using, by said client, said first ticket to establish a communication session with a 

8 content server proxy after said first ticket is validated (See Brezak Paragraphs 0043-0045); 

9 enabling, by said ticket authority, said second ticket for use upon said validation of said first 

10 ticket (See Brezak Paragraphs 0045-0048); and using, by said content server proxy, said enabled 

1 1 second ticket to establish a communication session with said content server (See Brezak 

12 Paragraphs 0045-0048), but failed to disclose generating the second ticket before the first ticket 

13 was validated. However, it was well known in the art at the time of invention that, in order to 

14 avoid processor overloading, instead of generating data upon request, the data can be pre- 

15 generated and stored for use when requested (See Ganesan Col. 8 Final paragraph). Therefore, it 

16 would have been obvious to the ordinary person skilled in the art to have the TTP pre-generate at 

17 least the service tickets prior to receiving a request for these tickets. 

18 Regarding claim 23, Brezak disclosed a system for authenticating a user (See Brezak 

19 Abstract and Fig. 2) comprising: a client (See Brezak Fig. 2 Element 202); a ticket authority (See 

20 Brezak Fig. 2 Element 206); a content server (See Brezak Fig. 2 Element 214); and a content 

21 server proxy (See Brezak Fig. 2 Element 210) in communication with said client, said ticket 

22 authority, and said content server (See Brezak Fig. 2), wherein said ticket authority generates a 
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1 first ticket (TGT) and a second ticket (Service Ticket), wherein said first ticket is transmitted to 

2 said client and used to establish a first communication session with said content server proxy 

3 (See Brezak Paragraphs 0042-0043 and 0045), and wherein said second ticket is transmitted to 

4 said content server proxy and used to establish a second communication session with said 

5 content server (See Brezak Paragraphs 0043 and 0045), but failed to disclose generating the 

6 second ticket before the first ticket was validated. However, it was well known in the art at the 

7 time of invention that, in order to avoid processor overloading, instead of generating data upon 

8 request, the data can be pre-gencrated and stored for use when requested (See Ganesan Col. 8 

9 Final paragraph). Therefore, it would have been obvious to the ordinary person skilled in the art 

10 to have the TTP pre-generate at least the service tickets prior to receiving a request for these 

1 1 tickets. 

12 Regarding claim 45, Brezak disclosed a system for authenticating a user (See Brezak 

13 Abstract and Fig. 2) comprising: a client (See Brezak Fig. 2 Element 202); a ticket authority 

14 generating a first ticket (TGT) and a second ticket (Service Ticket) wherein said second ticket is 

15 disabled from use (See Brezak Paragraphs 0042-0043 and 0045); a content server (See Brezak 

16 Fig. 2 Element 214); a content server proxy in communication with said client, said ticket 

17 authority, and said content server (See Brezak Fig. 2 Element 210) and receiving said first ticket 

18 (See Brezak Paragraphs 0042-0044); and a web server in communication with said client and 

19 said ticket authority (See Brezak Fig. 1 Element 178 and Paragraphs 0031-0032), wherein said 

20 content server proxy establishes a first communication session between said client and said 

21 content server proxy after said ticket authority validates said first ticket (See Brezak Paragraphs 

22 0043-0045), wherein said ticket authority enables said second ticket after said validation of said 
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1 first ticket (See Brezak Paragraphs 0045-0048), and wherein said content server proxy uses said 

2 enabled second ticket to establish a second communication session with a protocol different from 

3 said first communication session protocol (See Brezak Paragraph 0045), but failed to disclose 

4 generating the second ticket before the first ticket was validated. However, it was well known in 

5 the art at the time of invention that, in order to avoid processor overloading, instead of generating 

6 data upon request, the data can be pre-generated and stored for use when requested (See Ganesan 

7 Col. 8 Final paragraph). Therefore, it would have been obvious to the ordinary person skilled in 

8 the art to have the TTP pre-generate at least the service tickets prior to receiving a request for 

9 these tickets. 

10 Regarding claim 68, Brezak disclosed a system for authenticating a user (See Brezak 

1 1 Abstract and Fig. 2) comprising; means for generating, by a ticket authority, a first ticket (TGT) 

12 and a second ticket (Service Ticket) (See Brezak Paragraphs 0042-0043 and 0045); means for 

13 transmitting, by said ticket authority, said first ticket to said client (See Brezak Paragraphs 0042- 

14 0043); means for using, by said client, said first ticket to establish a first communication session 

15 with a content server proxy (See Brezak Paragraphs 0043 and 0045); means for transmitting, by 

16 said ticket authority, said second ticket to said content server proxy (See Brezak Paragraphs 0043 

17 and 0045-0048); and means for using, by said content server proxy, said second ticket to 

18 establish a second communication session with a content server (See Brezak Paragraphs 0045- 

19 0048), but failed to disclose generating the second ticket before the first ticket was validated. 

20 However, it was well known in the art at the time of invention that, in order to avoid processor 

21 overloading, instead of generating data upon request, the data can be pre-generated and stored for 

22 use when requested (See Ganesan Col. 8 Final paragraph). Therefore, it would have been 
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1 obvious to the ordinary person skilled in the art to have the TTP pre-generate at least the service 

2 tickets prior to receiving a request for these tickets. 

3 Regarding claims 2, 24, and 46, Brezak disclosed that prior to generating said 

4 ticket associated with said client, said client is authenticated with a web server (See Brezak 

5 Paragraphs 0042-0043). 

6 Regarding claims 3, 25, and 47-48, Brezak disclosed that said ticket authority 

7 transmits said first ticket to a web server and said web server transmits said first ticket to said 

8 client (See Brezak Paragraphs 003 1 -0032). 

9 Regarding claims 4, 26, and 49, Brezak disclosed that said client transmits said first ticket 

10 to said content server proxy (See Brezak Paragraph 0043 and 0044). 

1 1 Regarding claims 5, 27, and 50-5 1 , Brezak disclosed that said content server proxy 

12 transmits said first ticket to said ticket authority and said ticket authority transmits said second 

13 ticket to said content server proxy upon validation of said first ticket (See Brezak Paragraphs 

14 0045-0048). 

15 Regarding claims 6, 10, 28,32, 52 and 56, Brezak disclosed that said content server proxy 

16 transmits said second ticket to said content server upon said enabling of said second ticket (See 

17 Brezak Paragraph 0036 and 0045). 

18 Regarding claims 11, 33-34, and 57-58, Brezak disclosed that said ticket authority 

19 transmits said first ticket and said disabled second ticket to a web server and said web server 

20 transmits said first ticket and said disabled second ticket to said client (See Brezak Paragraphs 

21 0031 -0032 and 0042-0043). 
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1 Regarding claims 12, 35, and 59, Brezak disclosed that said client transmits said first 

2 ticket and said disabled second ticket to said content server proxy (See Brezak Paragraphs 0043 

3 and 0044). 

4 Regarding claim 13, Brezak disclosed transmitting said disabled second ticket to at least 

5 one of said content server proxy and a web server (See Brezak Paragraphs 0043). 

6 Regarding claims 36, and 60, Brezak disclosed that said content server proxy transmits 

7 said first ticket and said disabled second ticket to said ticket authority and said ticket authority 

8 enables said disabled second ticket (See Brezak Paragraph 0045). 

9 Regarding claims 14, 37, and 61, Brezak disclosed transmitting said enabled second 

10 ticket to said content server proxy (See Brezak Paragraph 0048). 

1 1 Regarding claims 15, 38, and 62, Brezak disclosed that a communication session protocol 

12 is established between said client and said content server (See Brezak Paragraph 0036). 

13 Regarding claims 16-17, 39-40, and 63-64, Brezak disclosed that a first communication 



14 session protocol is established between said client and said content server proxy and a second 

15 communication session protocol is established between said content server proxy and said 

16 content server, wherein said first communication session protocol is different from said second 

17 communication session protocol (See Brezak Paragraphs 0036 and 0043), said client 

1 8 communicating with said content server via said first communication session and said second 

19 communication session (See Brezak Paragraphs 0041, 0043, 0044, and Fig. 2). 

20 Regarding claims 18-19, and 41-42, Brezak disclosed that a first communication session 

21 protocol is established between said client and said content server proxy and a second 

22 communication session protocol is established between said client and a web server, wherein 
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1 said first communication session protocol is different from said second communication session 

2 protocol (See Brezak Paragraphs 003 1 -0032 and 0043). 

3 Regarding claims 21, 44, and 66, Brezak disclosed that said content server proxy is a 

4 secure socket layer relay (See Brezak Paragraphs 0048-0049, and 0053). 
5 

6 Regarding claims 20, 22, 43, and 65, Brezak disclosed a client system including many 

7 features such as accessing web sites (See Brezak Paragraphs 0005 and 0016-0033), and 

8 transmitting a second ticket to a proxy server for the use of a specifically identified server (See 

9 Brezak Paragraphs 0048-0049), but failed to disclose that the client comprised a web browser or 

10 that the server was identified by its address. It was well known in the art at the time of invention 

1 1 that computers had web browsers for accessing web sites. It was further well know in the art at 

12 the time of invention that servers were identified by their address. Therefore, it would have been 

13 obvious to the ordinary person skilled in the art at the time of invention to provide the client with 

14 a web browser and to identify the target server by its address. This would have been obvious 

15 because the ordinary person skilled in the art would have been motivated to apply what was well 

16 known and common in the art at the time. 

17 Claims 7-9, 29-31, and 53-55 are rejected under 35 U.S.C. 103(a) as being unpatentable 

18 over Brezak as applied to claims 1, 23, and 45 above, and further in view of Litai et al. (US 

19 Patent Application Publication Number 2003/0233554) hereinafter referred to as Litai. 

20 Brezak disclosed accessing a target server through a proxy server using a service ticket 

21 (See Brezak Paragraphs 0045-0048) but failed to disclose the specific method used for the target 

22 server to verify the service ticket. 
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1 Litai teaches that in a ticketing system, in order for a server to verify a service ticket, the 

2 server sends the ticket to the ticket server (See Litai Paragraph 0046). 

3 It would have been obvious to the ordinary person skilled in the art at the time of 

4 invention to employ the teachings of Litai in the ticketing system by having the target server 

5 send the service ticket to the trusted third party in order to have the ticket verified. This would 

6 have been obvious because the ordinary person skilled in the art would have been motivated to 

7 protect the server from unauthorized access. 
8 



9 Conclusion 

10 Claims 1-66, and 68 have been rejected. 

1 1 THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 

12 policy as set forth in 37 CFR 1 .136(a). 

13 A shortened statutory period for reply to this final action is set to expire THREE 



14 MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 

15 MONTHS of the mailing date of this final action and the advisory action is not mailed until after 

16 the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 

17 will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

1 8 CFR 1 . 1 36(a) will be calculated from the mailing date of the advisory action. In no event, 

19 however, will the statutory period for reply expire later than SIX MONTHS from the mailing 

20 date of this final action. 
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1 Any inquiry concerning this communication or earlier communications from the 

2 examiner should be directed to MATTHEW T. HENNING whose telephone number is 

3 (571)272-3790. The examiner can normally be reached on M-F 8-4. 

4 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

5 supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 

6 organization where this application or proceeding is assigned is 571-273-8300. 

7 Information regarding the status of an application may be obtained from the Patent 

8 Application Information Retrieval (PAIR) system. Status information for published applications 

9 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

10 applications is available through Private PAIR only. For more information about the PAIR 

1 1 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

1 2 system, contact the Electronic Business Center (EBC) at 866-2 17-9197 (toll-free) . If you would 

13 like assistance from a USPTO Customer Service Representative or access to the automated 

14 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

15 
16 

1 7 /Matthew T Henning/ 

1 8 Examiner, Art Unit 2131 
19 

20 /Christopher A. Revak/ 

2 1 Primary Examiner, Art Unit 2131 



